Talos Vulnerability Report

TALOS-2018-0688

Anker Roav A1 Dashcam Wifi AP Default Credential Vulnerability

May 13, 2019

CVE Number

CVE-2018-4017

Summary

An exploitable vulnerability exists in the Wi-Fi Access Point feature of the Roav A1 Dashcam running version "RoavA1SWV1.9.” A set of default credentials can potentially be used to connect to the device. An attacker can connect to the AP to trigger this vulnerability.

Tested Versions

Anker Roav A1 Dashcam RoavA1SWV1.9

Product URLs

CVSSv3 Score

7.1 - CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-798: Use of Hard-coded Credentials

Details

The Roav A1 Dashcam by Anker is a dashboard camera that allows users to connect using the Roav app for Android and iOS so that they can toggle settings and download videos from the dashcam, along with a host of other features. In order to do this, users must first enable the “Wi-Fi AP” setting manually on the dashcam, and then connect to the “RoavA1” SSID, with the default password of “goroavcam.”

From here, it’s not required that the user changes the default password, although it is an available option. As such, the combination of this default credential and the manual start of the Wi-Fi AP itself serve as the only means of protection from attackers (due to the lack of authentication anywhere else).